reply on: TUTORIAL: Blockstream Jade Plus \ stacker news ~bitcoin

pull down to refresh

184 sats \ 9 replies \ @freetx 22 Jan \ parent \ on: TUTORIAL: Blockstream Jade Plus bitcoin

Yes, just found this when you commented: https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle

0 sats \ 8 replies \ @nym 23 Jan

What does it do? Verify the integrity of the device?

27 sats \ 7 replies \ @freetx 23 Jan

Jades don't have "secure element" chips in them. This was a design choice since 90% of all "cracks" of hardware wallets involve disrupting the secure element to gain control.

As a result of no secure element, the way the device encrypts the data on it (your seed) is by using the pin you enter. Obviously a 5 digit pin is a very small keyspace (which would be trivial to crack), so what happens is that pin is itself key-stretched to become a much larger encryption/decryption key off-device by using the website.

So the back-and-forth scanning of QR codes does that, essentially the "secure element" is the website / blind oracle which transforms your 5 digit pin into a proper encryption/decryption key.

27 sats \ 6 replies \ @nym 23 Jan

Thank you. That comforts me a little. So the exchange has nothing to do with your seed (since you have to enter the pin before the seed anyway) and after it gets the pin and before it gets the seed it has no outside connection to the world again?

59 sats \ 5 replies \ @freetx 23 Jan

Correct. The only thing the pin+exchange is used for is to temporarily load the decryption key into the devices RAM. At no point is your seed - either in encrypted or decrypted form - ever off the device.

21 sats \ 0 replies \ @nym 23 Jan

And it seems easy enough to setup the local pin server

0 sats \ 3 replies \ @nym 24 Jan

In the camera on the Plus better than the old one and can it handle multi-sig QR codes?